What is Cloud Armor?

Cloud Armor is GCP's DDoS protection and Web Application Firewall (WAF) service integrated with Cloud Load Balancing. It protects applications from the internet at the load balancer edge, before traffic reaches backends. Key features: DDoS mitigation: automatic protection against volumetric and protocol-based attacks, leveraging Google's global infrastructure which absorbs some of the largest DDoS attacks on record. WAF rules: pre-configured rule sets based on OWASP ModSecurity Core Rule Set (CRS) to block common web attacks (SQLi, XSS). Custom rules: IP allow/deny lists, geo-based blocking, rate limiting. Adaptive Protection: ML-based anomaly detection that suggests rules to block novel attacks. Edge policies: apply rules at Google's edge (PoP) before traffic reaches your data center for maximum protection.